Login
- Table of Contents
-
- 05-Network Connectivity Command Reference
- 00-Preface
- 01-MAC address table commands
- 02-Ethernet link aggregation commands
- 03-Port isolation commands
- 04-VLAN commands
- 05-Loop detection commands
- 06-Spanning tree commands
- 07-LLDP commands
- 08-Layer 2 forwarding commands
- 09-L2TP commands
- 10-ARP commands
- 11-IP addressing commands
- 12-DHCP commands
- 13-DHCP snooping commands
- 14-DHCPv6 commands
- 15-DHCPv6 snooping commands
- 16-DNS commands
- 17-HTTP commands
- 18-HTTP redirect commands
- 19-IP forwarding basics commands
- 20-Fast forwarding commands
- 21-Adjacency table commands
- 22-IP performance optimization commands
- 23-IPv6 basics commands
- 24-IPv6 neighbor discovery commands
- 25-IPv6 fast forwarding commands
- 26-NAT commands
- 27-GRE commands
- 28-Basic IP routing commands
- 29-Static routing commands
- 30-OSPF commands
- 31-Policy-based routing commands
- 32-IPv6 static routing commands
- 33-IPv6 policy-based routing commands
- 34-IGMP snooping commands
- 35-MLD snooping commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 18-HTTP redirect commands | 60.91 KB |
display http-redirect statistics
http-redirect https-rate-limit
http-redirect ssl-server-policy
reset http-redirect statistics
HTTP redirect commands
display http-redirect statistics
Use display http-redirect statistics to display packet statistics for HTTP redirect.
Syntax
display http-redirect statistics [ slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies a cloud cluster member device by its member ID. If you do not specify a member device, this command displays HTTP redirect packet statistics on all member devices.
Examples
# Display HTTP redirect packet statistics for slot 1.
<Sysname> display http-redirect statistics slot 1
Slot 1:
HTTP:
Received SYN packets :1000
Sent SYN ACK packets :1000
Sent RST packets :500
Redirect node not found events :50
Assembled redirect URL failed times/total times :100/700
HTTPS:
Received SYN packets :1000
Sent SYN ACK packets :1000
Sent RST packets :500
Redirect node not found events :300
Assembled redirect URL failed times/total times :100/700
SSL handshake failed times/total times :0/700
SSL data interaction failed times/total times :0/700
Table 1 Command output
|
Field |
Description |
|
HTTP |
Packet statistics for HTTP redirect. |
|
Received SYN packets |
Number of SYN packets that have been received. |
|
Sent SYN ACK packets |
Number of SYN ACK packets that have been sent. |
|
Sent RST packets |
Number of RST packets that have been sent. |
|
Redirect node not found events |
Number of times that the system failed to find redirect nodes. |
|
Redirect URL assembly failures and total number of redirect URL assemblies. |
|
|
HTTPS |
Packet statistics for HTTPS redirect. |
|
SSL handshake failed/total times |
Number of SSL handshake failures, and the total number of SSL handshakes. |
|
SSL data interaction failed times/total times |
Number of SSL data exchange failures, and the total number of SSL data exchanges. |
Related commands
reset http-redirect statistics
http-redirect https enable
Use http-redirect https enable to enable HTTPS-based redirect.
Use undo http-redirect https enable to disable HTTPS-based redirect.
Syntax
http-redirect https enable
undo http-redirect https enable
Default
HTTPS-based redirect is enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Application scenarios
By default, when the device uses HTTPS-based redirect. The endpoint often displays a security warning for the redirect page. In environments that are trusted or have low security requirements, you can disable HTTPS-based redirect to avoid such warnings.
After you disable this feature, HTTPS-based redirect for portal authentication, MAC address authentication, and 802.1X authentication will become inactive and HTTP-based redirect will be used.
Restrictions and guidelines
To avoid security risks in environments that are not trusted or have high security requirements, disable HTTPS-based redirect as a best practice.
Examples
# Disable HTTPS-based redirect.
<Sysname> system-view
[Sysname] undo http-redirect https enable
http-redirect https-rate-limit
Use http-redirect https-rate-limit to set the HTTPS redirect rate limit.
Use undo http-redirect https-rate-limit to restore the default.
Syntax
http-redirect https-rate-limit pps
undo http-redirect https-rate-limit
Default
The HTTPS redirect rate limit is 100 pps.
Views
System view
Predefined user roles
network-admin
Parameters
pps: Specifies the HTTPS redirect rate limit, in the range of 1 to 65535, in packets per second (pps).
Usage guidelines
Redirecting a large number of HTTPS requests will overwhelm the CPU and affect other services on the device. To resolve this issue, you can limit the rate of HTTPS redirect packets sent to the CPU. When the rate of the HTTP redirect packets exceeds the limit, the device drops the exceeding HTTPS redirect packets.
Setting this limit affects the performances of services that need to redirect HTTPS requests, for example, the user online rate of the authentication service. Set a proper HTTPS redirect rate limit according to the network condition.
Examples
# Set the HTTPS redirect rate limit to 200 bps.
<Sysname> system-view
[Sysname] http-redirect https-rate-limit 200
http-redirect ssl-server-policy
Use http-redirect ssl-server-policy to associate an SSL server policy with the HTTPS redirect service.
Use undo http-redirect ssl-server-policy to restore the default.
Syntax
http-redirect ssl-server-policy policy-name
undo http-redirect ssl-server-policy
Default
No SSL server policy is associated with the HTTPS redirect service. The HTTPS redirect service uses a self-assigned certificate and the default SSL parameters.
Views
System view
Predefined user roles
network-admin
Parameters
policy-name: Specifies an SSL server policy by its name, a case-insensitive string of 1 to 31 characters.
Usage guidelines
HTTPS redirect is unavailable if the associated SSL server policy does not exist. You can first associate a nonexistent SSL server policy with the HTTPS redirect service and then configure the SSL server policy.
If you change the SSL server policy associated with the HTTPS redirect service, the new policy takes effect immediately.
If you perform this task multiple times, the most recent configuration takes effect.
Examples
# Associate SSL server policy policy1 with the HTTPS redirect service.
<Sysname> system-view
[Sysname] http-redirect ssl-server-policy policy1
Related commands
ssl server-policy
reset http-redirect statistics
Use reset http-redirect statistics to reset packet statistics for HTTP redirect.
Syntax
reset http-redirect statistics [ slot slot-number ]
Views
User view
Predefined user roles
network-admin
Parameters
slot slot-number: Specifies a cloud cluster member device by its member ID. If you do not specify a member device, this command clears HTTP redirect packet statistics on all member devices.
Examples
# Clear HTTP redirect packet statistics.
<Sysname> reset http-redirect statistics
# Clear HTTP redirect packet statistics for slot 1.
<Sysname> reset http-redirect statistics slot 1
Related commands
display http-redirect statistics
